Offensive Cybersecurity with Ryan Torvik

18 snips

Apr 9, 2025

Ryan Torvik, Founder and CEO of Tulip Tree Technology, dives into the world of offensive cybersecurity and embedded system security. He shares his journey from defense contracting to vulnerability research, highlighting the emotional rollercoaster hackers face. Ryan emphasizes the necessity of integrating security from the start in firmware development. He discusses advanced techniques like Address Space Layout Randomization and the challenges small companies face without dedicated security staff. Plus, he offers resources for anyone looking to learn about cybersecurity and hacking.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

ADVICE

Initial Attack Strategy

Begin by analyzing the attack surface and how the system processes data, identifying all possible entry points for data.
Check the National Vulnerability Database (NVD) for known vulnerabilities before deeper analysis.

ANECDOTE

Firmware Analysis

Pulling firmware from embedded devices is essential for deeper analysis, often requiring specialized hardware like oscilloscopes.
Analyzing firmware involves using interactive disassemblers like IDA Pro, Binary Ninja, or Ghidra.

ADVICE

Embedded Security Basics

Focus on securing data entry points, using standard libraries for cryptography and parsing, and avoid custom solutions.
Prioritize testing for unexpected inputs and handling failure cases gracefully during development.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

Key Topics

* [03:00] Ryan's background in offensive cybersecurity and defense contracting

* [04:30] The mindset and challenges of vulnerability research and hacking

* [09:15] How security researchers approach attacking embedded devices

* [13:45] Techniques for extracting and analyzing firmware

* [19:30] Security considerations for embedded developers

* [24:00] The importance of designing security from the beginning

* [28:45] Security challenges for small companies without dedicated security staff

* [33:20] Address Space Layout Randomization (ASLR) and other security measures

* [37:00] Emulation technology for testing embedded systems

* [45:30] Tulip Tree's approach to embedded system emulation and security testing

* [50:15] Resources for learning about cybersecurity and hacking

Notable Quotes

> "When you're on the vulnerability research side, you're trying to find a time when the software does something wrong. When it does something unexpected." — Ryan Torvik

> "Don't roll your own cryptography. Use a standard library for cryptography." — Ryan Torvik

> "We're seeing that the maintenance costs are what are getting people now. You're expected to maintain this device, but now you got to be able to actually update the device." — Ryan Torvik

> "It's so much more expensive to put security in after the fact if it's possible in the first place. Why is that even something that needs to be debated?" — Luca Ingianni

Resources Mentioned

[Tulip Tree Technology](tuliptreetech.com) - Ryan's company focused on embedded system security and emulation

* IDA Pro - Interactive disassembler for firmware analysis

* Binary Ninja - Interactive disassembler from Vector35

* Ghidra - NSA's open-source software reverse engineering tool

* Microcorruption - Beginner-friendly CTF challenge for learning embedded system hacking

* National Vulnerability Database - Public database of security vulnerabilities

Things to do

* Join the Agile Embedded Podcast Slack channel to connect with the hosts and other listeners

* Check out Tulip Tree Technology's website for their emulation tools and security services

* Try Microcorruption CTF challenges to learn about embedded system security vulnerabilities

* Consider security implications early in your design process rather than as an afterthought

* Use secure programming languages like Rust that help prevent common security issues

You can find Jeff at https://jeffgable.com.
You can find Luca at https://luca.engineer.

Want to join the agile Embedded Slack? Click here

Are you looking for embedded-focused trainings? Head to https://agileembedded.academy/
Ryan Torvik and Luca have started the Embedded AI podcast, check it out at https://embeddedaipodcast.com/